Security for electronic and mechanical systems has rapidly become an important issue in recent years. With the proliferation of computers, computer networks and other electronic device and networks into all aspects of business and daily life, the concern over secure file and transaction access has grown tremendously. The ability to secure data and transactions is particularly important for financial, medical, education, government, military, and communications endeavors. In addition, there is also a continuing to need to permit access to secure facilities in both private and public facilities, buildings, and compounds.
Using passwords is a common method of providing security for electrical or mechanical systems. Password protection and/or combination type locks are employed for computer network security, automatic teller machines, telephone banking, calling cards, telephone answering services, buildings, factories, houses and safes. These systems generally require the knowledge of an entry code that has been selected by or provided to a user or has been configured in advance.
Pre-set codes are often forgotten; however, as users have no reliable method of remember them. Writing down the codes and storing them in close proximity to an access control device (e.g., a combination lock) results in a secure access control system with a very insecure code. Alternatively, the nuisance of trying several code variations renders the access control system more of a problem than a solution.
Password systems are known to suffer from other disadvantages. Usually, a user specifies passwords. Most users, being unsophisticated users of security systems, choose passwords that are relatively insecure. As such, many password systems are easily accessed through a simple trial and error process.
To secure access to particular areas, such as buildings, the most common building security system relied on traditionally has been a security guard. A security guard reviews identification cards and compares pictures thereon to a person carrying the card. The security guard provides access upon recognition or upon other criteria. Other building security systems use card access, password access, or another secure access approach. Unfortunately, passwords and cards have the same drawbacks when used for building security as when used for computer security.
As computer networks are increasingly used to link computer systems together, applications have been developed to allow a user on a client computer system to access a service on a host computer system. For example, a user on a client system may be able to access information contained in a database on a host computer system. Unfortunately, along with this increased accessibility comes increased potential for security problems. For example, communications, including authentication, between a client system and a host system can be intercepted and tampered with while in transit over the computer network. This may allow third parties or malicious users on a client computer system to gain access to, or security codes for, a service on a host computer system without proper authorization.
A number of systems have been developed to ensure that users do not gain unauthorized access to host computer systems. As explained above, some systems prompt a user for passwords. Such systems may also rely on PIN numbers, before granting the user access to the host computer system. As indicated above, however, passwords and PIN numbers may be forgotten or may fall into the wrong hands. Additionally, using passwords and PIN numbers for security purposes places an additional burden on institutions because passwords or PIN numbers require additional machinery and human resources to deal with customers when customers forget passwords or PIN numbers, or when customers request that passwords or PIN numbers be changed.
As an alternative to traditional security systems, such as security guards, passwords or PIN numbers, biometric authentication systems have been developed to authorize accesses to various electronic and mechanical systems. Biometrics can generally be defined as the science of utilizing unique physical or behavioral personal characteristics to verify the identity of an individual. Biometric authentication systems are typically combined with hardware and software systems for automated biometric verification or identification. Biometric authentication systems receive a biometric input, such as a fingerprint or a voice sample, from a user. This biometric input is typically compared against a prerecorded template containing biometric data associated with the user to determine whether to grant the user access to a service on the host system.
A biometric security access system can thus provide substantially secure access and does not require a password or access code. A biometric identification system accepts unique biometric information from a user and identifies the user by matching the information against information belonging to registered users of the system. One such biometric system is a fingerprint recognition system.
In a fingerprint biometric system input transducer or sensor, the finger under investigation is usually pressed against a flat surface, such as a side of a glass plate; the ridge and valley pattern of the finger tip is sensed by a sensing means such as an interrogating light beam. In order to capture an image of a fingerprint, a system may be prompted through user entry that a fingertip is in place for image capture. Another method of identifying fingerprints is to capture images continuously and to analyze each image to determine the presence of biometric information such as a fingerprint.
Various optical devices are known which employ prisms upon which a finger whose print is to be identified is placed. The prism has a first surface upon which a finger is placed, a second surface disposed at an acute angle to the first surface through which the fingerprint is viewed and a third illumination surface through which light is directed into the prism. In some cases, the illumination surface is at an acute angle to the first surface. In other cases, the illumination surface may be parallel to the first surface. Fingerprint identification devices of this nature are generally used to control the building-access or information-access of individuals to buildings, rooms, and devices such as computer terminals.
One non-limiting example of a facial biometric authentication technique is disclosed in U.S. Patent Application Publication No. 20040240711, entitled “Face Identification Verification Using 3 dimensional Modeling,” which published on Dec. 2, 2004 to Rida Hamza et al., and is assigned to Honeywell International Inc. Note that U.S. Patent Application Publication No. 20040240711 is incorporated herein by reference in its entirety. An example of an iris biometric authentication system and method is disclosed in U.S. Patent Application Publication No. 20060165266, entitled “Iris Recognition System and Method,” which published on Jul. 27, 2006 to Rida Hamza and is also assigned to Honeywell International Inc. U.S. Patent Application Publication No. 20060165266 is incorporated herein by reference in its entirety.
Certain establishments have strong incentives to recognize repeat visitors or customers. An automated technique for recognizing a repeat visitor and provide users with information about the visitor's past visits would be useful for a number of applications. Casino operators, for example, would benefit from a system that could identify repeat “high roller” visitors and quickly provide casino personnel information on their gaming and hospitality preferences and other information based on previous visits. This would allow casinos to provide more personalized service to a larger number of customers. It is not however desirable to put a visitor out by asking for identification or other biometric based identifier such as a fingerprint. What is needed is a system that can unobtrusively identify a person based on standoff collected biometrics and then provide biographical information and visit history information on the subject.